Home Tags Shai-Hulud

Tag: Shai-Hulud

Shai-Hulud 2.0 demonstrates the danger of open source, expert says

Cybersecurity

Shai-Hulud 2.0 demonstrates the danger of open source, expert says

December 12, 2025Ken Showers, Managing Editor

YARMOUTH, Maine — Developers are picking up the pieces after the catastrophic release of the Shai-Hulud 2.0 malware worm in the Node Package Manager (NPM) registry.  The worm infected thousands of repositories, exposing up to 400,000 developer secrets and wiping victims’ home directories. Its primary goal was to steal sensitive credentials, including GitHub Personal Access Tokens (PATs) and API keys for major cloud platforms like AWS, Google Cloud and Microsoft Azure.  Microsoft,...

GitHub, Joe Saunders, malware, Node Package Manager (NPM), Shai-Hulud

Read Full Articlered right arrow icon